Ghostscript: Buffer overflow
— GLSA 200803-14

A stack-based buffer overflow has been discovered in Ghostscript, allowing
arbitrary code execution.

Affected Packages

Package

app-text/ghostscript-esp on all architectures

Affected versions

< 8.15.4-r1

Unaffected versions

>= 8.15.4-r1

Package

app-text/ghostscript-gpl on all architectures

Affected versions

< 8.61-r3

Unaffected versions

>= 8.61-r3

Package

app-text/ghostscript-gnu on all architectures

Affected versions

< 8.60.0-r2

Unaffected versions

>= 8.60.0-r2

Background

Ghostscript is a suite of software based on an interpreter for
PostScript and PDF.

Description

Chris Evans (Google Security) discovered a stack-based buffer overflow
within the zseticcspace() function in the file zicc.c when processing a
PostScript file containing a long "Range" array in a .seticcscpate
operator.

Impact

A remote attacker could exploit this vulnerability by enticing a user
to open a specially crafted PostScript file, which could possibly lead
to the execution of arbitrary code or a Denial of Service.